
11 matches found

OSSF Malicious Packages
added 2025/11/24 1:38 p.m., 4 views

Malicious code in @actbase/react-native-naver-login (npm)

Source: amazon-inspector 20b3259789ec3c0e90767b9f76d1f7d825f89fba1d5810692ec87ae4567f698e The package @actbase/react-native-naver-login was found to contain malicious code. Source: ghsa-malware...

6.9 AI score
Exploits: 0, References: 4
EUVD
added 2025/11/24 1:38 p.m., 3 views

EUVD-2025-198780

Malicious code in @actbase/react-native-naver-login npm...

6.6 AI score
Exploits: 0, References: 1
Veracode
added 2024/03/22 12:24 p.m., 72 views

Username Enumeration

umbraco.cms is vulnerable to User Enumeration. The vulnerability is due to improper user authentication checks, which allows an attacker to enumerate valid usernames by exploiting access to the native login screen...

5.3 CVSS, 7 AI score, 0.00229 EPSS
Exploits: 0, References: 2, Affected Software: 1
Snyk
added 2024/03/20 8:40 p.m., 1 views

Observation of Response Discrepancy to Enumerate Users

Overview: Umbraco.Cms.Infrastructure is an infrastructure assembly needed to run Umbraco CMS. Affected versions of this package are vulnerable to Observation of Response Discrepancy to Enumerate Users due to the handling of the native login screen. An attacker with access to the native login scree...

5.3 CVSS, 6.9 AI score, 0.00229 EPSS
Exploits: 0, References: 2
NVD
added 2024/03/20 8:15 p.m., 13 views

CVE-2024-28868

Umbraco is an ASP.NET content management system. Umbraco 10 prior to 10.8.4 with access to the native login screen is vulnerable to a possible user enumeration attack. This issue was fixed in version 10.8.5. As a workaround, one may disable the native login screen by exclusively using external...

5.3 CVSS, 4 AI score, 0.00229 EPSS
Exploits: 0, References: 2
OSV
added 2024/03/20 8:7 p.m., 17 views

CVE-2024-28868 Umbraco possible user enumeration vulnerability

Umbraco is an ASP.NET content management system. Umbraco 10 prior to 10.8.4 with access to the native login screen is vulnerable to a possible user enumeration attack. This issue was fixed in version 10.8.5. As a workaround, one may disable the native login screen by exclusively using external...

3.7 CVSS, 5.4 AI score, 0.00229 EPSS
Exploits: 0, References: 4
OSV
added 2024/03/20 5:54 p.m., 23 views

GHSA-552F-97WF-PMPQ Umbraco possible user enumeration

Impact: A user enumeration attack is possible. Affected versions: Umbraco 10 with access to the native login screen. Patches: This is fixed in 10.8.5. Workarounds: Disabling the native login screen, by exclusively using external logins...

3.7 CVSS, 4.5 AI score, 0.00229 EPSS
Exploits: 0, References: 4
Prion
added 2021/11/05 6:15 p.m., 9 views

Authentication flaw

An issue was discovered in Talend Data Catalog before 7.3-20210930. After setting up SAML/OAuth, authentication is not correctly enforced on the native login page. Any valid user from the SAML/OAuth provider can be used as the username with an arbitrary password, and login will succeed...

7.5 CVSS, 9.5 AI score, 0.00476 EPSS
Exploits: 0, References: 2, Affected Software: 1
CERT
added 2013/09/04 12:0 a.m., 28 views

Oracle E-Business Suite password disclosure vulnerability

Overview: Oracle E-Business Suite 12.0-12.1, when used with the native login pages or single sign-on (SSO) / Oracle Access Management (OAM) with the native login pages, contains a credential exposure vulnerability. Description: Oracle E-Business Suite administrators who have applied CPU patches for Jul...

3.5 CVSS, 6 AI score, 0.00748 EPSS
Exploits: 0, References: 4
Prion
added 2013/07/17 1:41 p.m., 18 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Logging. NOTE: the previous information is from the July 2013 CPU. Oracl...

3.5 CVSS, 5.4 AI score, 0.00748 EPSS
Exploits: 0, References: 7, Affected Software: 1
Cvelist
added 2013/07/17 10:0 a.m., 20 views

CVE-2013-3749

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Logging. NOTE: the previous information is from the July 2013 CPU. Oracl...

5 AI score, 0.00748 EPSS
Exploits: 0, References: 7